The present invention relates to a method of accessing a superuser account shell of a computer device, and more particularly, to a method of using an account agent to access a superuser account shell of a computer device.
A user account that identifies a user by a username, a password or other credentials allows the user to login a computer operating system. In a UNIX-based operating system, each user has corresponding user identification (UID) that identifies the user and relates system resources to the user. In many operating systems, a superuser or a root user is a special account used for system administration, which can be corresponding to UID 0. A superuser has all privileges or permissions to all files and programs and can do many things an ordinary user cannot do, such as changing the ownership of files. On the other hand, it is of high risk to use a superuser account since a simple typographical error in entering commands may cause major damage to the operating system. In a Windows-based operating system, there is an administrator, which does not have the complete control as a superuser and only provides greater access which shields the user from most of the pitfalls of full root access.
In computing, a command is a directive to a computer program for performing a specific task. A shell is a command language interpreter and acts as an interface between the user and the kernel (the internal of an operating system), and is commonly categorized into command-line shells and graphical shells. The primary purpose of a shell is to launch programs; however, it frequently has additional capabilities such as viewing the contents of directories.
In the engineering phase of a computer device, e.g. a mobile phone, a tablet, a notebook, etc., engineers can debug the computer device conveniently by a program of a debug version, in which a superuser or administrator account can be used to control the shell of the computer device for debugging. It is easy to remount the partition, read/write/move/copy system files, dump memory, and replace the program image through the program of debug version by using the superuser account.
However, for security reasons, there is no superuser account in a computer device of a ship version (or release version) and only normal user accounts are allowed to control the shell of the computer device, in order to prevent from abuse, misuse, or undesired activities by end-users. Therefore, it is difficult to debug computer devices which are already shipped. For example, the damaged programs cannot be replaced, the memory cannot be dumped, and system files cannot be copied or moved. Even though the superuser account can be used through a complex authentication mechanism, it is still possible to be cracked by hackers and results in the reveal of private user data and confidential program codes.
Thus, there is a need to improve over the prior art to control the shell of the computer device without actually utilizing a superuser account, so as to perform debug works or any other operations conveniently while avoiding security issue.